Jump to content


Photo

Woso will kill me


  • This topic is locked This topic is locked
6 replies to this topic

#1 distress PC

distress PC

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 25 May 2007 - 03:29 AM

Date of the log : 25 may

Hi :alarm:
I'm a french girl whose PC has been attacked by a spyware : woso I guess
I try to remove it since a week but it is not easy to fix.

Is there someone to help me, I would be grateful to anyone that enable me to progress with this spyware. :oops:
I can't hardly use my PC because of it !!!!

This is the hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 09:14:54, on 25/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\grcf.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\CAPM4RSK.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\WINDOWS\AdobeR.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Pandion\Pandion.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4LAK.EXE
C:\Program Files\PhraseExpress Pro\phrase.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4SWK.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\WinPBO2\Pbo.exe
C:\Hijackhis\HijackThis.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\x\LOCALS~1\Temp\help.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -masquer
O4 - HKLM\..\Run: [wosa] C:\DOCUME~1\x\LOCALS~1\Temp\woso.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PhraseExpress Pro.lnk = C:\Program Files\PhraseExpress Pro\phrase.exe
O4 - Global Startup: Fenętre d'état de Canon iR1510-1670.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPM4LAK.EXE
O4 - Global Startup: Pandion.lnk = C:\Program Files\Pandion\Pandion.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ou3viewer.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ou3viewer.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Card Adapter (NETDown) - Unknown owner - C:\WINDOWS\grcf.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

#2 distress PC

distress PC

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 25 May 2007 - 10:06 AM

Hi again :zipped:
All my efforts are unsuccessful
Is there a malware in the house because the roof is burning.

I forget to describe the problem:
IExplorer loads itself hundreds of time and the programm help.exe loads itself too.

The consequence is that my PC is as fast as a sick turtle. :rofl:

#3 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 27 May 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#4 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 28 May 2007 - 05:17 AM

Hi,

Download: CCleaner (freeware)
http://www.majorgeek...wnload4191.html
Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).
Once installed, run CCleaner click the Windows [tab]
Select the following:
Posted Image
Next: click Options click the Settings tab
Uncheck: "Only delete files older than 48 hrs.", click Ok
Then click Run Cleaner (bottom right) then Exit

Next:

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
http://www.pchell.co.../safemode.shtml
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can click next icon next to the files found: Posted Image
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    Posted Image
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.
Next:

1. Download this file - ComboFix
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

So, can I see the DrWeb report, the ComboFix report, and a new HiJackThis log.

jedi
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#5 distress PC

distress PC

    Member

  • Full Member
  • Pip
  • 3 posts

Posted 28 May 2007 - 06:28 AM

[Hi Jedi]

I thanks you a lot for the response, I'll do just as you say.
Do you think it will be hard to remove the undesirable host "woso" ?

Have a nice day
By by from france :D

#6 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 28 May 2007 - 06:48 AM

Do you think it will be hard to remove the undesirable host "woso" ?

Possibly, possibly not. But not impossible! :D

Hi from the other side of the Channel!

jedi
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#7 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Emeritus
  • PipPipPipPipPip
  • 15,830 posts

Posted 12 June 2007 - 10:25 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button